CVE-2018-3777
EUVD-2018-036803.08.2018, 20:29
Insufficient URI encoding in restforce before 3.0.0 allows attacker to inject arbitrary parameters into Salesforce API requests.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| restforce | restforce | 𝑥 < 3.0.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
- CWE-172 - Encoding ErrorThe software does not properly encode or decode the data, resulting in unexpected values.